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different o, uni<!ue cliolHs in ■ ^ «« » *» n^ortc provided 10 

Provide to differ™ w u „ ique ^ "™" « ** » 
»~"- *c cU„* request ^ UP ™ *» *~ *» — 

=■ (CuiTCntly Amended) A system as recited in PI ' , 
«** -Utip^r^yid^ ^^tW^L ' ™ hdta «™- «» 
stare data about the clients rf*e^«, • ^• y * ,,,!,, " H, ">' "Sgregalc. transfer and 

<*« * . ^ a lpha . num=ric 3 ^:;r;~ *™ ^ ~h 

of the client „ e =d be kn own only ,„ 1" ' ™ '*»»' ^fying attributes 

6 - (Currently Amended) A system as recited in Pin* , • , 
which a sej^icurovidcQ m^t^^ ^ ' ' "^"^ <* 

purchase ot'resources or „„ods ,cr„- T ^ ""*» t0 ' « « 

u . "o^s across a data network of f « m w i£ ,t 

*• ^ °" ~ "ft* Cent ^ the ^^7* « 
moment when service is requested, where such attnh t * 
■» inte S ral and auto.*, paft ofthe re Jelttl " ^ ° f 

7- (Currently Amended) A system as recited in ri-r , - 
which a p^^^tae h^ rovidcr UaXm ' ' IDC,UdifiS — »y 

"^-^H^tem provides a client's 
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pr^rcncc. p„c,„ s «, ^c^s i„fo ml .™ n t „ , comm „„ scrvcc. po m , in exchangc 
tor „ token. the ^ horr* provider « h c„ provide ,o its cU« 

-so ,ha, ,h= cW mav to tun, offer ,he tota, ,„ mulupl e ^ provioc „ * 

who« service or good, across a dau, „ el „„ rk ,„„ cIient wish<:s „, ^ ^ 

purchase. 

8. (Original) A system as recited in Claim 7, which emplov.es the 

Internet's Hyper-Text Transfer Protocol (HTTP1 md h-.« o™. r 

w^wi i n ), ana Hat. appending means adapted to 

append., to or include in the user computer a Uniform Resource Locator (UAL) or in a 
Requcs^osponse Header, a sequence of alphameric character, which includes said 
authenticatable token. 



9. (Currently Amended) A system as recked in Claim 7. which includes an 
acceptance means by which a client's token is accepted by a system-™^. 
nroyider from whom the client wishes to receive services or goods across a data network 
and 1S instantaneously submitted to the system* common service point, which if the 
token's contents match that of a token in the common service point's dynamic session 
database, returns preference, pricing and servicc-dass information about the requesting 
client, prior to the providing of the requested services or goods across a data network. 

10. (Original) A .system as recited in Claim 9, of utilizing the User ' 
Datagram Protocol (UDP) for implementing the acceptance means. 

1 1 • (Currently Amended) A system as recited in Claim 1, for collect^ and 
storing at a common service point discrete records of access by clients to resources or 
goods across a data network of multiple ^n*ers^ ser viee providers, where such 
collection is capable of occurring instantaneously subsequent to the providing of each 
resource or good. 

1 2. (Currently Amended) A system as recited in Claim 1 1. including means bv 
which discrete records are instantaneously sorted and stored in databases according to the 
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,j (Previously Presented) * 

ultimate form of payment by the client. 

l4 (Previous W Presented) A system us recited in Claim 1 . In which said ,oken 
( ' • • • thus oermitting die token to be private-key 
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encrypted. 
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1S (Currently Amended) * *~ - « 1 » 4 ^ U * 
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fccaUo. «>- « time *heu. the source M o,i g inuity created. 
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, S (Currently Amended) A method for managing client account, and 
control Jm - resources over data networks, said method eompnstn S -. 
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clier* to access the resources of the ou~ serv.ee providers ( outstde 
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24. (Currently Amended) A method els recited in Claim IS, in which a 
provid e r ^ ser vice und e r th e m ethod hom e provider provides a client's preference, 
pricing and service-class information to a common service point in exchange for an 
authenti eatable token, which the *ewiee home provider then provides to its client, so that 
the client may in turn offer the token to multiple other servic e outsid e providers whose 
services or goods across a data network the client wishes to access, review or purchase. 

25. (Original.) A method as recited in claim 24. employing the Internet's 
Hyper-Text Transfer Protocol (HTTP), of appending to or including in a Uniform 
Resource Locator (URL), or in a Request/Response Header, a sequence of alpha-numeric 
characters which includes said authenticatabte token. 

26. (Currently Amended) A method as recited in claim 24, which includes an 
acceptance step by which a client's token is accepted by a m e thod m ember service 
rjrovider from whom the client wishes to receive services or goods across a data network, 
and is instantaneously submitted to the method's common service point, which; if the 
token's contents match that of a token in the common service point's dynamic session 
database, returns preference, pricing and service-class information about the requesting 
client, prior to the providing of the requested services or goods across a data network. 

27. (Original) A method as recited in claim 26, of utilizing the User 
Datagram Protocol (UDP) to accomplish the acceptance step. 

28. (Currently Amended) A method as recited in claim 18, for collecting and 
storing at a common service point discrete records of access by clients to resources or 
goods across a data network of multiple memb e rs of th e service provide rs, where such 
collection is capable of occurring instantaneously subsequent Lo the providing of each 
resource or good. 
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29. (Original) A method as recited in claim 28. by which discrete records 
arc instantaneously sorted and stored in databases according to the identity of the service 
provider of the individual client whose activity resulted in the record being produced, 

30. (Currently Amended) A method as recited in Claim 18, for collecting and 
aggregating records of financial charges for access to, review or acquisition of services or 
goods across a data network such that the records may be supplied to the suppliers of 
client s e rvers services without knowledge of or reference to the ultimate form of payment 
by the client. 



3 I . (Previously Presented) A system method as recited in Claim IS, in which 
said token is only "read" by said authentication server, thus permitting the token to be 
private-key encrypted, 

32. (Previously Presented) A method as recited in, claim 1 8, wherein which 
said client comprises an end user and has an end user's account and an end user's account 
manager, for enabling an initiating Internet World Wide Web host to present in' 
IlyperTcxt Markup Language (HTML) "hypertext links" which address services or goods 
available from multiple other receiving World Wide Web sites such that when the end 
user highlights or clicks the link a process is initiated whereby the receiving site is able to 
bill the end user's account manager tor access to, review or acquisition of the services or 
goods, without regard to whether the end user's account is maintained by the initiating 
WW W host or by some other service provider. 

33. (Currently Amended) A method as recited in claim IS, including the step 
of obtaining, transferring and maintaining among multiple n e twork -events service 
providers a unique alphanumeric sequence associated with a spccille digital information 
resource or object for a purpose; where the topological location of the resource on the 
network may not necessarily be related or relevant to the location where, or time when, 
the resource was originally created. 
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34, (Currently Amended) A method as recked in Claim 18 which includes 
sequence steps adapw4 for obtaining, transferring and maintaining among multiple 
networ- k ch e nlu and their soever servic e providers a dynamically updated record of funds 
encumbered by a network user client for the purchase of a digital information resource or 
resources such that each subsequent record of purchase in time, and the transfer to clients 
of an. updated record of funds available or authorized to be encumbered, is accomplished. 

35. (Currently Amended) A method of providing an online service to a user 
over a public network, the online service provided by a Service Provider (SP) site to a 
user computer via the public network, the method comprising the steps of 

sending a request message from the user computer to the SP site over the public 
network to request the use of the online, service; 

generating a challenge message at the SP site in response to the request message 
and sending the challenge message over the public network to the user computer; 

generating a response message in the user computer in response to the challenge 
message and sending the response message over the public network to the SP site, the 
response message incl uding or being based upon an identifier of the user; 

sending at least the response message from the SP site to a remote online broker 
site, the online broker site having a brokering database which contains accotmt 
information of registered users of an online brokering service of the online broker site; 

processing the response message at die remote online broker site to determine 
whether the response message is authentic, the step of processing comprising accessing 
the account information in the brokering database; 

sending a verification message from the remote online broker site to the SP site, 
the verification message indicating whether the response message is authentic; 

10 
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retrieving access rights data of the user from the brokering database if the 
response message is authentic, the access rights data specifics a plurality of content 
categories to which the user has access, the plurality of content categories correspondi ng 
to a plurality of different online services offered by the SP site; 

sending the access rights data from the online broker site to the SP site; 

providing the online service from the SP site to the user computer over the public 
network if the verification message indicates that the response message is authentic; 

denying access by the user to the online service if the verification message 
indicates that the response message is not authentic : and 

updating a .settling database at a settlor site, with a charge related to t he user 
computer access to the SP site, the settlor site being maintai ned separately from the 
remot e online broker site , 

36. (Previously Presented) A method as in claim 35, wherein the step of 
generating a response message comprises obtaining a password of the user. 

37. (Previously Presented) A method as in claim 36, wherein the step of 
generating the response message further comprises applying a cryptographic algorithm to 
at least the challenge message such that the resulting response message depends upon 
both the challenge message and the password. 

38- (Previously Presented) A method as in claim 36. wherein the step of 

obtaining the password of the user comprises retrieving the password from a password 
cache on the user computer, the password cache temporarily storing the password 
following manual entry by the user, the method thereby enabling the user to access 
multiple SP sites without re-entering die password. 
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(Currently Amended) A method as in claim 35, further comprising the 

assigning an anonymous identifier to the user at the online broker site and sending 
the anonymous identifier to the SP site to enable the SP site to anonymously charge the 
user for an online service: and 

generating a billing event at the SP .site and sending the billing event to the settlor 
online broker site, che billing event specifying at least (I) the anonymous identifier of tie 
user, and (2) a monetary charge to be. applied to an account of the user, 

40, (Currently Amended) A method as in claim 35, -further comprising the 
steps of: 

establishing a connection between the user computer and the settlor onlin e bro ker- 
site; and 

providing an online billing statement to the user over the connection, the online 
billing statement reflecting the monetary charge specified in the billing event. 

4L (Currently Amended) A method as in claim 35, further comprising the 
step of sending a billing statement from the onlin e broker settlor site to the user computer 
over the public network, the billing statement reflecting the monetary charge specified in 
the billing event. 

42. (Previously Presented) A method as in. claim 35, further comprising 

the steps of: 



39. 
steps of: 



12 



PAGE 14/35 ' RCVD AT 3/212005 11:38:14 PM [Eastern Standard Time] * SVR:USPT0£FXRF-1/1 * DNIS:8729306 1 CSID:914 949 3416 * DURATION (mm-ss):09-02 



Mar 02 05 1 1 : 45p Milde A Hof-Fberg, LLP ( 9 14 .1 94S-3416 jo . 1 



sending an access rights update request from the SP site to the remote online 
broker site, die access rights update request specifying an update to be made by the online 
brokering service to the access eights of the user: and 

processing the access rights update request at the online broker site by updating 
the access rights data of the user stored within the brokering database. 

43. (Previously Presented) A method as in claim 35, Further comprising 
the steps of: 

retrieving user-specific preference data of the user from the brokering database 
and sending the preference data from the online broker site to the SP site, the preference 
data indicating at least one user-specified preference for the customization of online 
services; and 

adjusting the online service provided from the SP site according to the user- 
specified preference. 

44, (Previously Presented) A method as in claim 43, wherein the 
preference data includes a connection speed at which the user computer connects to the 
public network, and wherein the step of adjusting comprises providing the service to the 
user computer at a speed which is commensurate with the connection speed. 

45. (Previously Presented) A method as in claim 43, wherein the 
preference data includes a display preference for the display of a particular type of media. 

46, (Previously Presented) A method as in claim 35, further comprising 
die steps of: generating a first session key at the user computer; 
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generating a second session key ai the online broker site and sending the second 
session key to the SP site, the second session key corresponding to the first session key; 
and 

using the first and second session keys to eacrypt and decrypt message traffic 
between the user computer and the SP site as the online service is provided to the user 
computer. 

47. (Previously Presented) A method as in claim 35, wherein the public 
network comprises the Internet, 

48. (Previously Presented) A method as in claim 35, wherein the steps 
of passing the request, challenge and response messages over the public network 
respectively comprise passing the request, challenge and response messages over a 
private network. 

49. (Currently Amended) A method providing a fee-based online service from 
a Service Provider (SP) site to a user over a public network while concealing the payment 
and personal information of the user from the Service Provider, comprising the steps of: 

regislerinti a user at. a r egistration site that p r ovides a registration s ervice, the 
registratio n site having a regist rati on database which c ontains registration i nf ormation on 
The user and on other use r s of the online service , t he registration site b e ing located 
rem otely from the SP site: 

providing an online broker site that provides an online brokering service, the 
online broker site having a brokering database which contains account information on the 
user and on. other users of the online brokering service, the online broker site being 
located remotely from the SP site and the registra ti on site ; 
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establishing a connection between, a computer of the user ("user computer") and 
the SP site over at least the public network; 

generating an encrypted authentication, message at tht? user computer and sending 
the authentication message to the cmline-bFOkeF registration site via at least the public 
network; 

verifying the authentication message at the onlin e brok e r registration site to 
thereby authenticate the user, the step of verifying comprising accessing the account 
information of the user stored in Jj^i^.^^isiraxiJiP, brokering database: 

generating an anonymous ID at the on-line-broke* registration site and sending the 
anonymous ID to the SP site to allow the SP site to impose a charge the user fur the 
online service; 

providing the online service from the SP site to the user computer over the public 
network; 




customization d at-a-hndteating- a user - specifi e d pref e r e nc e for th e customization of th e 
onlin e s e rvic e ; 



adj-tisti-n g the onlin e s e rvic e provid e d from th e SP sit e a ^OHfaig-t<fr{-he-ttsef-- 



generating a hilling event at the SP site and sending the billing event to the online 
broker site, the billing event specifying at least (1) the anonymous ID, and (2) a monetary 
charge to be applied to an account of the user in the brokering databas e. 
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50. (Currently Amended) A method as in claim 49, wherein the step of 
generating an encrypted authentication message comprises the steps of prompting the 
user for a password and using the password to generate the authentication message, the 
password stored in the broke ring r egistration database so that the o nline brok e ring s erviw 
c an d e t e rmine to_permi, t determination whether the authentication message corresponds to 
the password. 

5 i . (Currently Amended) A method as in claim 49, wherein the step of 
sending the encrypted authentication message to the online broker site comprises the 
steps of: 

sending the authentication message from the user computer to the SP site over the 
public network; and 

sending the authentication message from the SP site to the oftiifte-brok-e* 
registration site. 

52. (Previously Presented) A method as in claim 49, further comprising 
the step of processing the billing event at the online broker site to thereby apply the 
charge to the account of the user, 

53. (Previously Presented) A method as in claim 52, further comprising 
the step of providing an account statement from the online broker site to the user 
computer over at-lcast the public network, the account statement reflecting the charge 
specified in the billing event. 

54. (Currently Amended) A method as in claim 49 7 further comprising the 
steps of: 
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retrieving access rights data of the user from the brokering database, the access- 
rights data specifying the access rights of the user with respect to the online service 
and/or the SP site; and 

sending the access rights data from the online brok e r registration site to the SP 

site. 

55. (Previously Presented) A method as in claim 54, further comprising 
the step of interpreting the access rights data at the SP site to determine whether the user 
is authorized to access a particular content item of the SP site. 

56. (Currently Amended) A method as in claim 54, farther comprising the 
step of sending an access rights update request from the SP site to the onlin e brok e r 
registration site, the access rights update request specifying at least (1) the anonymous ID 
of the user, and (2) an update to be made by th e onlin e brok e ring service to the access 
rights data of the user. 

57. (Currently Amended) A method as in claim 49, lurther comprising the 
steps of: 

retrieving user-specific customization data of the user from the brokering database 
and sending the customisation data from the online broker site to the SP site, the 
customizat ion data indicating a user-specified prefere n ce for t h e customization of the 
online service: and 

adjusting the onlin e3emce_pxovided from the SP site acc ording to the user- 
specified preference 

wh e r e in th e customisation data includes a conn e ction upoed -a^Avhich-fee-user 
comput e r c etmects-to-rl^e-^b lic network, and wherein the stop of adjusting compriu es j 
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58. (Currently Amended) A method as in claim 57 49, wherein the 
customization data includes at, least one of a display preference for the display of a 
particular type of media an d a connection spe ed at which the user c o mputer connects t o 
th e public network, and w herei n the step of adjus tin g comprises prov idi ng the service to 
the user computer at a spe ed which generally c or responds to the connection speed . 

59. (Currently Amended) A method as in claim 49, further comprising the 
steps of: 



generating a first session key at the user computer; 



generating a second session key at the onlin e broker r egistration .site and sending 
the second session key to the SP site, the second session key corresponding to the first 
session key; and 



using the first and second session keys to encrypt and decrypt message traffic 
between the user computer and the SP site as the online service is provided to the user 
computer. 

60. (Previously Presented) A method as in claim 49 7 wherein the public 
network comprises the Internet. 

6 1 . (Previously Presented) A method as in claim 49, wherein the online 
service comprises a software download service. 

62. (Previously Presented) A method as in claim 49. wherein the online 
service comprises user access to media content an onl i n e v e rsion of a prii tfe^l-ptibUcatkw. 
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63. (Currently Amended) A system for allowing users lo securely access 
online service providers over an untrusted distributed network, comprising: 

a plurality of Service Provider (SP) sites connected to the distributed network, 
each SP site running at least one service application to provide an online service to users 
over the distributed network; 

a plurality of user computers connected to the distributed network, each user 
computer running at least one client application for accessing online services of the SP 
sites; 

an online broker site connected to the plurality of SP sites, the online broker site 
running at least one brokering application to provide an online brokering service to 
acTOiintJbr_u.se of the online services by respective users , the onlin e broker site SP sites 
optionally including a user database containing user-specific authentication information 
of users that have registered wit It an SP site to use the onlin e"broker-ing-ser-v4e-e> the 
registered users accessing the SP sites from the users computers over the distributed 
network; 



eaistornfeat4frtfrdata^p^ with r e sp e ct to th e 

iwliiteKsemees^^ data provid e d to th e SP sit e s by th e 

online brok e ring s e rvic e to e nabl e the SP sites to customize the online services to the 
pr e f e r e nc e s of individual r e ent e r e d us e rs; and 

an authentication protocol for allowing the onlin e brok e ring s e rvic e SP site to 
authenticate registered users in response to user-specific authentication requests from the 
SP sites, the authentication requests responsive to requests from the user computers to 
access the online services of the SP sites, the authentication protocol implemented by 
software components of the user computers, the SP sites, and the online broker site. 
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64. (Previously Presented) A system as in claim 63, further comprising 
a billing system for allowing the SP sites to charge the registered users for accesses to the 
online sen-ices by sending billing even is to the online brokering service, the billing 
system including a centralized database for recording billing events to accounts of the 
registered users. 

65. (Currently Amended) A system as in claim 64, wherein the bi 1 1 ing system 
includes a billing viewer application running on the user computers, the billing viewer 
application allowing a registered user to view a personal billing statement stored in the 
c e ntralize d online broke r database, the billing statement including charges from multiple 
different SP sites of the plurality of SP sites. 

66. (Currently Amended) A system as in claim 63, Rirther comprising an 
access rights database at the online b feke-r- registration site, the access rights database 
storing access rights data for a plurality of the registered users, the access rights data 
specifying access rights of the plurality of registered users with respect co the SP sites, the 
access rights data provided to the SP sites by the r^gisrxQTipj^site online br obeafrg 
se-r-v-k*?, 

67. (Previously Presented) A system as in claim 63, wherein the 
authentication protocol implements a challenge-response protocol. 

68. (Previously Presented) A system as in claim 63, wherein the 
distributed network comprises the Internet. 

69. (Currently Amended) A method providing a fee-based online service From 
a Service Provider (SP) site to a user over a distributed network while concealing the 
payment and personal information of the user from the Service Provider, comprising the 
steps of: 
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p roviding a registration site th:.r provide aigai stration service, the reiristnri™ 
s ite having a regigtratjojid^^ on th& 

onj2Lhcq i sg I s. orthe online service, the re gistration sit. Mn „ , H r ^^^rnmjjj|- 

SP site: 

providing an online broker site that provides an online brokering service, the 
online broker site having a brokering database which contains account information on the 
user and on other users of the online brokering service., the online broker site Located 
remotely from the SP site an d the registration site : 

sending an access request from a computer of the user ("user computer-) over the 
distributed network to the SP site; 

sending an authentication request from the SP site to the efllifldjfol^ r egistrati on 
site in response to the access request; 

prompting the user for a user identifier at the user computer and sending the user 
identifier to the safe- i t? brok er registration site; 

authenticating the user at the <*&fl<^bteker registration sir* j n response to the 
authentication request, the step of authenticating comprising using the user identifier > 
from the user computer to access the account information stored within the bro kcr h 
regist ration database; 



sent 



sending a verification message from the ea fa e broke r- registration site to the SP 
site in response to the authentication request, the verification message indicating whether 
the step of authenticating was successful; 

retrieving access rights data of the user from the teekenftg registration database if 
the step of authenticating is successful, the access rights data specifying a plurality of 
access rights of the user with respect to the online service and/or the SP site; 
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ending the plurality of access rights data from the en^fokee registra tion site 
to the SP site lo anonymously inform the SP site of the access rights of the user; 

providing the fee-based online service from the SP site to the user computer over 
the distributed network only if the verification message indicates that the step of 
authenticating was successful: 

generation a billing event at the SP site and sending the billing event to the online 
broker site, the billing event anonymously identifying the user to the online brokering 
service, the billing event including a charge for the providing oFthe online service to the 
user computer; and 

updating an account of the user at the online broker site to reflect the charge 
included within the billing event. 

70. ( Previously Presented) A method as in claim 69, further comprising 
the step of providing an account statement from the online broker site to the user 
computer over at-lcasi the distributed network, the account statement reflecting the 
charge included in the billing event. 

7 1 . (Currently Amended) An online brokering service For allowing users of a 
public network to anonymously purchase online services from Service Provider (SP) sites 
on the public network, the online brokering service provided from an online broker site 
and a registra tjon_sitc that is arc each located separately and remotely from the SP sites, 
the online brokering service comprising: 

a database at the rciristratio nsite which contains account information of users that 
have registered with online brokering service, the account information including at least a 
unique identifier of each registered user; 
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a billing system at the onli n e broker site for recording monetary charscs to 
accounts of registered users, the monetary charges corresponding to online services 
purchased from the SP sites over the public network; tmd 

a software package running at the online broker site, the brok erage software 
package performing at least the following functions: 

(a) rec eiving identifvin j ^informatinn about the user generated at the registrati on 
sitetp^c orreiale an anon ym ous TP of a re g istered user with an ident ifi cation of an account 
of_a_r e!>istered user: a nd 



a u th e n t ten ting -registo 
Hthentie 

d#t-c*base- 




'SrttHresp onB e to auth ent- 
fc-ge n e rat e d in r e&i 



-aeeoun-1 





h&o m th e 
tere^-t±sefs 



(b) receiving user-specific billing events from the SP sites and passing the billing 
events to the billing system to update the accounts of registered users, each billing event 
specifying at least (1) an anonymous .ID of a registered user, and (2) a charge to be 
applied to the account of the registered user; and 

a_s oftware package ru nni ng at the registration site, the registration softwar e 
package performin g at least the followi n g functions: 

fa) authentic ating registered use r s in response to au t hentication reques ts received 
from the SP si te s, the authentication . ^ uests generated i n response to attem pts by 
registered users to ac cess online services of t he SP sites, said authenticating compris ing 
accessing the databasc_tp verify user account information* 



fe) (b) retrieving user-specific access rights data from the database in response to 
requests from the SP sites and transmitting the access rights data to the SP sites, the 
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access rights data specifying a plurality of content categories or services to which a 
registered user has access and enabling the SP sites to provide customized access rights to 
the registered users : and 

(e) uencra ting an anonvmous TP of a_registered u s er for use by the SP site s _and 
communicating th e identifying information f or correlatin g the anonym o us TP with an 
i^entjlicatjon of an account of a register e d user to the online broke rage site. 

72. (Previously Presented) An online brokering service as in claim 71, 
wherein at least oncof Lhe online broker software package a nd registratio n software 
package further performs the function of: 

retrieving user-specific; customization data from the database in response to 
requests from the SP sites and transmitting the customization data to the SP sites, the 
customization data indicating user specified preferences for enabling the SP sites to 
provide user customized online services. 

73. (Previously Presented) An online brokering service as in claim 71 , 
wherein the billing system comprises a software module for allowing the registered user 
to remotely access an online billing statement, the online billing statement reflecting 
billing events received by the online broker site from multiple different SP sites, 

74. (Previously Presented) An online brokering service as in claim 7 1 , 
wherein the public network comprises the Internet. 

75. (Currently Amended) A virtual online services network for allowing users 
to directly access service provider (SP) sites over a public network, comprising: 

an online brokering service running on at least one site of a computer network, the 
online brokering service storing a^ewfUrrtftd billing information for a plurality of users of 
the public network, e ach of the users -h aving a respect ivc acc ount with the onlin e 
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bro [coring s ervicey the online brokering service providing online access by the users to 
account-specific billing information; 

a registration service ru nning an at least one site of a comp uter network, and 
being separate from the on lin e brokerhm service, the regist r ation service storing ac count 
information for a pl urality of users oF the public networ k, ea ch of the users having a 
respect lye ac count with the online brokering se rvice: 

a plurality of fee-based online services running on a plurality of independent 
service provider (SP) sites on the public network, the SP sites directly accessible to the 
users over the public networks each SP site being registered with the online brokering 
service and the registration service, and being configured U> use the online br oke r-kig 
registration service to authenticate die users when the users' connect to the SP sites over 
the public network, the fee-based services configured to generate account-specific billing 
events in response to uses of the online services by the users and to forward the billing 
events to the online brokering service so that the users are billed for the online services 
from a centralized billing location; and 

a log-on protocol which aliows the users to access the plurality of online services 
using their respective accounts wk-fa4he- enlin e brok e ring s e rvic e, the log-on protocol 
configured to (1) prompt a user for an account identifier, (2) cache the account identifier 
during the course of a user log-on session, and (3) use the cached account identifier to 
access multiple different SP sites, the log-on protocol thereby allowing the user to 
se a mlessly seamlessly access the plurality of fee-based online services following a single 
log-on event; 

wherein the onl+ne-bK>k-er-mg registration service stores user-specific access rights 
data, and provides the access rights data specifying access rights for a plurality of online 
services for a specific user to the SP sites in response to requests from the SP sites* and 
wherein the fee-based online services are configured to use the access rights data to 
automatically provide user-customized services to the users, 
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76. (Currently Amended) A virtual online services network as in claim 75, 
wherein the log-on protocol is implemented by respective software components stored on 
(1) the SP sites, (2) the at least one site of the on4- kie brokering castration service, and 
(3) computers of the users, 

77. (Previously Presented) A virtual online services network as in claim 
75. wherein the log-on protocol includes a challenge-response authentication protocol for 
allowing the SP sites to authenticate the users. 

78, (Previously Presented) A virtual online services network as in claim 
75. wherein the public network comprises the Internet 

79, (Currently Amended) An apparatus comprising: 

A a broker server operatively connected to a computer network, the broker server 
having a processor and a computer readable memory, the memory storing broker server 
implementation software, including customer access software, sal e linking software to 
link custom e rs to s e lected sites ^n-t4ie-CiE>mp u^ei^-ne4wwk and at least one broker data 
structure: 

a. registration server operatively connected to a computer network, m aintained 
separately from the broker server, the registration server having a pr ocessor_and_a 
computer reada ble memory, the memory storing registration server implementation 
software, including customer access software, and at least one registration data stru cture; 

the at least one broker data structure including a list of r e gist e r e d customers along 
with corr e sponding ID and p aym e nt account information for a plurality of registered 
customers , and including a list of onlin e Mit e s with th e ir corr e sponding linking 
information, tl ^e4^^>4 : H^ftl-me^i-tes-be tng-a-s«bse t of th e uiioi i available to us e rs of the 
co m pute r ^ tv . 'ork -.-the-at-least^ne- 4ata structur e furth e r including acc e ss righto to a 



26- 



PAGE 28/35 1 RCVD AT 3/2/2005 1 1:38:14 PM [Eastern Standard Time]* SVR:USPT0£FXRF-1/1 * DM8:8729306 ' CSID:914 949 3416 4 DURATION (mm-ss):09-02- 



Ma.r 02 05 1 1: 48p 



Milcie &. Hof fbcrg., LLP 



(914] 949-34 16 



pktfal ity-o £o nlt-He^-s ervic e a provided by a t-4east~one-e3 



si4es; 



th e at least one registration data structu re in cluding registration da ta o f a plurality 
of a plurality of registered customers, the at least one data structure furth er co mprising 
access rights relating Lo a plurality of online se rvices; 

whereby the bf&ker registration server facilitates seamless connection between a 
selected registered customer from its l ist of customer s and a-seleetod an online site ftom 
th e list e d onlin e sit e s to create a virtual online service, including anonymously providing, 
the selected customer's access rights to the plurality of online services provided by the 
selected online site , and 

wherebv the broker server receive s anonv mous accounting information from the 
online site for charges of a customer and receives identifyin g information from the 
registration server to permi t updating of account i nformation for a r espective re gistered 
customer , 

80. (Previously Presented) An apparatus as in claim 79, wherein the 
computer network is a public network which comprises the Interact, and wherein the 
online sites are World Wide Web sites of the Internet. 

8 1 . (Previously Presented) A system, comprising: 

(a) a plurality of separate user registration databases, each storing a plurality 
of user identifications, including user account reference information; 

(b) a provider Interface, through which a plurality of providers issue requests 
to post a transaction to a particular user account, without requiring knowledge of a 
respective user identity; 
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(c) a settlement server, receiving said requests, accessing at least one of said 
user registration databases, and communicating said request and an user Identity to one of 
a plurality of user account databases; and 

(d) said user registration databases and said user account databases being 
independent and remotely located with respect to each other. 

82. (Previously Presented) A method, comprising: 

(a) recording a user identification, including user account reference 
information, into one of a plurality of separately maintained user registration databases; 

(b) issuing a request to post a transaction to a particular user account, without 
requiring knowledge of a respective user identity by a posting party; 

(e) at a settlement server: 

(i) receiving the request from the posting party, 

(ii) accessing at least one of the user registration databases, and 

(iii) communicating the request and an user identity to corresponding 
one of a plurality of user account databases; and 

(d) independently maintaining the user registration databases and the user 
account databases at remote locations. 
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